April 18, 2025
Security Notice: Statement About Pierre Kim Disclosed Vulnerabilities in Set of Features

Vasion Team
Vasion was made aware that Pierre Kim identified security vulnerabilities for a set of features. He responsibly reported them to Vasion prior to public disclosure, allowing us to investigate and issue updates to address the confirmed issues. At the time of publication, Docker’s latest security release addresses three remaining vulnerabilities, which we are actively testing for immediate release.
Vasion maintains both ISO 27001 and SOC 2 certifications, and is currently in the process of achieving FedRAMP Authorized status—one of the most rigorous cloud security standards—a designation earned nationally by only .001% of cloud providers/by fewer than 350 SaaS organizations. This achievement reflects an ongoing commitment to robust security practices, continuous monitoring, and third-party validation.
We appreciate Pierre Kim’s contributions, his dedication to security, and the opportunity to clarify resolved issues.
Customers with questions or concerns are encouraged to contact Vasion directly. And as always, users may reference Vasion Security.